Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/mbshd36a3kUn_PLw1tny6fqn1rE.roa
File: mbshd36a3kUn_PLw1tny6fqn1rE.roa (raw, json)
Hash identifier: EUl3crN01+w1AJ7v5fomFccxy0ihSXuD2n+1bS2wa+s=
Subject key identifier: 99:BB:21:77:7E:9A:DE:45:27:FC:F2:F0:D6:D9:F2:E9:FA:A7:D6:B1
Certificate issuer: /CN=61c2b45a65c19b68abb0516c9ccaf4547a5cc312
Certificate serial: 0198ADE6DA5A87E44039E8C00F9ADE163192
Authority key identifier: 61:C2:B4:5A:65:C1:9B:68:AB:B0:51:6C:9C:CA:F4:54:7A:5C:C3:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcK0WmXBm2irsFFsnMr0VHpcwxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/mbshd36a3kUn_PLw1tny6fqn1rE.roa
Signing time: Fri 15 Aug 2025 13:24:04 +0000
ROA not before: Fri 15 Aug 2025 13:24:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 2a11:2a00:1111:aaaa::/64 maxlen: 64
2a11:2a00:9999:3456::/64 maxlen: 64
2a11:2a01:2222:bbbb::/64 maxlen: 64
2a11:2a01:abcd:4567::/64 maxlen: 64
2a11:2a02:3333:cccc::/64 maxlen: 64
2a11:2a03:4444:dddd::/64 maxlen: 64
2a11:2a04:5555:eeee::/64 maxlen: 64
2a11:2a05:6666:ffff::/64 maxlen: 64
2a11:2a06:7777:1234::/64 maxlen: 64
2a11:2a07:8888:2345::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/YcK0WmXBm2irsFFsnMr0VHpcwxI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/YcK0WmXBm2irsFFsnMr0VHpcwxI.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcK0WmXBm2irsFFsnMr0VHpcwxI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ad:e6:da:5a:87:e4:40:39:e8:c0:0f:9a:de:16:31:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c2b45a65c19b68abb0516c9ccaf4547a5cc312
Validity
Not Before: Aug 15 13:24:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99bb21777e9ade4527fcf2f0d6d9f2e9faa7d6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:56:f4:f6:3c:16:fa:9c:fa:07:dd:6c:39:12:
59:28:62:a8:70:99:96:b5:fc:84:ba:f3:b6:cd:9a:
36:c8:6e:f9:a9:f4:1e:2b:a7:e9:dd:db:f8:d6:8a:
2a:3e:f7:9d:91:41:12:1b:0b:4d:07:78:69:f1:45:
98:98:c1:38:d7:e8:0b:f8:22:0e:4d:f6:48:a4:ff:
42:09:5b:fe:de:8c:a1:70:2f:18:d5:33:a9:74:ca:
96:c4:b2:fd:06:cb:ca:27:2d:0d:16:81:49:5d:2b:
5c:da:e9:cf:3a:41:75:47:2f:14:09:3c:c9:e5:d8:
4a:c6:78:54:97:0a:2a:5b:99:4d:4a:81:a6:30:6a:
22:19:fa:fb:37:9f:1b:a9:7e:1a:df:bf:8e:da:cf:
e6:51:b2:40:32:c7:64:29:5c:2b:ee:d6:4d:b5:4e:
1a:58:1c:ee:4b:0c:fd:47:95:45:44:c8:8f:6d:f7:
d2:a0:26:af:8c:c0:28:01:50:6c:37:07:38:6b:9e:
16:9e:7a:2c:bc:a0:04:42:3d:89:56:f0:98:4d:8e:
6d:67:42:cc:cb:5a:70:1f:1b:3f:d8:9a:e2:b4:1d:
76:75:21:fe:38:7d:06:1b:ae:57:a5:2c:19:f0:b7:
70:bb:9d:56:10:35:13:cc:5b:83:89:34:77:2b:a2:
e5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BB:21:77:7E:9A:DE:45:27:FC:F2:F0:D6:D9:F2:E9:FA:A7:D6:B1
X509v3 Authority Key Identifier:
keyid:61:C2:B4:5A:65:C1:9B:68:AB:B0:51:6C:9C:CA:F4:54:7A:5C:C3:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcK0WmXBm2irsFFsnMr0VHpcwxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/mbshd36a3kUn_PLw1tny6fqn1rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/YcK0WmXBm2irsFFsnMr0VHpcwxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:2a00:1111:aaaa::/64
2a11:2a00:9999:3456::/64
2a11:2a01:2222:bbbb::/64
2a11:2a01:abcd:4567::/64
2a11:2a02:3333:cccc::/64
2a11:2a03:4444:dddd::/64
2a11:2a04:5555:eeee::/64
2a11:2a05:6666:ffff::/64
2a11:2a06:7777:1234::/64
2a11:2a07:8888:2345::/64
Signature Algorithm: sha256WithRSAEncryption
1a:91:ba:43:b0:24:e2:46:10:b7:5c:98:ee:a5:50:02:1a:8e:
87:e8:77:1d:49:fc:4d:4c:a5:ad:91:77:1b:f3:d5:37:d8:7d:
b0:dd:62:2e:51:7e:3e:56:ee:02:70:07:00:ba:1a:21:80:a5:
59:a8:35:39:bb:c6:d8:5b:ca:2e:57:56:47:81:53:6b:11:02:
fd:aa:72:d0:fa:63:e9:96:3e:4d:eb:0f:ac:48:e3:47:94:48:
e3:1a:3b:14:24:da:05:f4:41:98:df:a2:97:48:4e:c1:49:0b:
3d:97:65:4d:7b:ec:6f:b9:79:1c:6c:d1:bd:0d:82:ff:b0:4d:
8f:5d:3a:6c:41:23:02:9a:da:51:5c:03:94:6e:93:c1:bc:af:
82:22:a4:8c:50:c2:fe:16:08:14:7f:56:89:3a:04:69:a7:08:
8e:40:79:fe:32:87:47:e0:09:93:b9:a2:ac:14:d1:da:1a:5b:
57:da:b0:1a:92:2c:5c:1b:33:29:ac:04:ac:89:cf:1f:6f:12:
03:b2:ea:84:4c:58:df:9c:37:48:f5:c5:79:f1:13:ea:b9:ee:
41:38:74:b8:30:0d:db:cc:d4:2e:da:94:b8:ec:a7:9d:bb:e3:
cf:c9:a3:b7:a0:b3:32:df:e0:af:5c:b7:30:65:bb:09:ef:a4:
01:ef:08:69
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZit5tpah+RAOejAD5reFjGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzJiNDVhNjVjMTliNjhhYmIwNTE2YzljY2FmNDU0N2E1
Y2MzMTIwHhcNMjUwODE1MTMyNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWJiMjE3NzdlOWFkZTQ1MjdmY2YyZjBkNmQ5ZjJlOWZhYTdkNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41b09jwW+pz6B91sORJZKGKocJmW
tfyEuvO2zZo2yG75qfQeK6fp3dv41ooqPvedkUESGwtNB3hp8UWYmME41+gL+CIO
TfZIpP9CCVv+3oyhcC8Y1TOpdMqWxLL9BsvKJy0NFoFJXStc2unPOkF1Ry8UCTzJ
5dhKxnhUlwoqW5lNSoGmMGoiGfr7N58bqX4a37+O2s/mUbJAMsdkKVwr7tZNtU4a
WBzuSwz9R5VFRMiPbffSoCavjMAoAVBsNwc4a54WnnosvKAEQj2JVvCYTY5tZ0LM
y1pwHxs/2JritB12dSH+OH0GG65XpSwZ8Ldwu51WEDUTzFuDiTR3K6LlTwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFJm7IXd+mt5FJ/zy8NbZ8un6p9axMB8GA1UdIwQY
MBaAFGHCtFplwZtoq7BRbJzK9FR6XMMSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNLMFdtWEJtMmlyc0ZGc25NcjBWSHBjd3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yODYyYWItMzdkZC00N2YyLThkZjIt
MjJjMjdiOTkzYWUyLzEvbWJzaGQzNmEza1VuX1BMdzF0bnk2ZnFuMXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yODYyYWItMzdkZC00N2YyLThkZjItMjJjMjdiOTkzYWUy
LzEvWWNLMFdtWEJtMmlyc0ZGc25NcjBWSHBjd3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAIwbgMJACoRKgAR
EaqqAwkAKhEqAJmZNFYDCQAqESoBIiK7uwMJACoRKgGrzUVnAwkAKhEqAjMzzMwD
CQAqESoDRETd3QMJACoRKgRVVe7uAwkAKhEqBWZm//8DCQAqESoGd3cSNAMJACoR
KgeIiCNFMA0GCSqGSIb3DQEBCwUAA4IBAQAakbpDsCTiRhC3XJjupVACGo6H6Hcd
SfxNTKWtkXcb89U32H2w3WIuUX4+Vu4CcAcAuhohgKVZqDU5u8bYW8ouV1ZHgVNr
EQL9qnLQ+mPplj5N6w+sSONHlEjjGjsUJNoF9EGY36KXSE7BSQs9l2VNe+xvuXkc
bNG9DYL/sE2PXTpsQSMCmtpRXAOUbpPBvK+CIqSMUML+FggUf1aJOgRppwiOQHn+
ModH4AmTuaKsFNHaGltX2rAakixcGzMprASsic8fbxIDsuqETFjfnDdI9cV58RPq
ue5BOHS4MA3bzNQu2pS47Kedu+PPyaO3oLMy3+CvXLcwZbsJ76QB7whp
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:38:11 2025 by rpki-client